Malicious RTF — malware analysis report

Static analysis result for SHA-256 cc9388ce69743d09…

MALICIOUS

RTF

101.3 KB First seen: 2014-04-13
MD5: 1b8c2bba1093e0bfb66f992173801aa3 SHA-1: 9ccbe2381035cac6c9c9554585c30335a792d3d8 SHA-256: cc9388ce69743d0955f8f2e3e8637a395699c9f41d90b612548c0068718f9ae5
120 Risk Score

Heuristics 2

  • CVE-2010-3333 — pFragments RTF stack overflow critical CVE exact CVE_2010_3333
    RTF shape property pFragments has an oversized value, matching the CVE-2010-3333 stack-overflow trigger in Microsoft Word 2002/2003.
  • ClamAV: BC.Legacy.Exploit.CVE_2010_3333-5 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: BC.Legacy.Exploit.CVE_2010_3333-5